# How to block all the outbound traffic while allowing SSH connections?

Learn how to block all the outbound traffic while allowing SSH connections from the portal step-by-step.

**Step 1:** [Login](https://customer.acecloudhosting.com/index.php?m=ace_product_register_addon\&action=login) to your account.

<figure><img src="/files/R943TAhRrQN1bHLhJ7uy" alt=""><figcaption></figcaption></figure>

**Step 2**: From the left-hand side menu, select **Networks** and click **Security Group**.

<figure><img src="/files/F4fosXlYFwPfSsFofxQM" alt=""><figcaption></figcaption></figure>

**Step 3:** Choose the security group where you want to change the rules.

<figure><img src="/files/pDug2MX0NQjLHYhABBck" alt=""><figcaption></figcaption></figure>

**Step 4:** Click on **Create New Rule** to set a rule in a security group.

<figure><img src="/files/a8lvu2fhO1Szuh09ryzw" alt=""><figcaption></figcaption></figure>

**Step 5**: Enter the following details according to your requirements and security needs:&#x20;

<figure><img src="/files/piHzS5ISLwiV4daifSsc" alt=""><figcaption></figcaption></figure>

<table data-full-width="false"><thead><tr><th width="151.5">Field </th><th>Description </th></tr></thead><tbody><tr><td><strong>Rule</strong> </td><td>Specify the desired rule template or use custom rules such as Custom TCP Rule, Custom UDP Rule, or Custom ICMP Rule. </td></tr><tr><td><strong>Description</strong> </td><td>Add a brief description of the rule. </td></tr><tr><td><strong>Direction</strong> </td><td><p>Select the desired filter out of the two available filters i.e., ingress and egress. The ingress and egress rules are used to control traffic within and across the network boundary. Let’s know them individually: </p><p><strong>Ingress:</strong> It refers to a set of rules which are used to block outbound traffic coming toward the server. </p><p><strong>Egress:</strong> It refers to a set of rules which are used to allow traffic to pass from your server to the outer world. </p><p> </p></td></tr><tr><td><strong>Open Port/Port Range</strong> </td><td><p>For TCP and UDP rules you may choose to open either a single port or a range of ports. </p><p> </p></td></tr><tr><td><strong>Remote</strong> </td><td>Specify the source of the traffic to be allowed via this rule. You may do so either in the form of an IP address block (CDR) or via a source group (Security Group). </td></tr></tbody></table>

Then, click the **Add Rule** button.

Therefore, if you want to allow SSH connections while blocking all the outbound traffic with a cloud firewall, you need to select the Egress filter rule in the **Direction** category.&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.acecloud.ai/knowledge-base/network/how-to-block-all-the-outbound-traffic-while-allowing-ssh-connections.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.